"FPT IS strives to become a globally trusted provider of software solution and IT services, create value for our customers, enhance success for our employees, and contribute in a positive way to the community."

FPT Information System completely adheres to the common policies and objectives of the Group for 6 subjects (Shareholders, Customers, Leaders, Employees, Partners, Community).

FPT Information System fully complies with the Group’s common policies and objectives for 6 subjects:

1. For shareholders: The Company strives to bring the highest and most sustainable benefits to shareholders in order to deliver high and sustainable investment efficiency; build up trust for shareholders and well implement the internal control to protect the legitimate interests of shareholders.

2. For customers: The Company strives to satisfy customers based on in-depth understanding and best meet their demands by devotion and capacities that are constantly improved, in order to become the leading provider in its business sector. FPT also desires to fulfill its commitment to customers, deliver products on time with high quality, provide full after-sale services; improve the capacity of providing products and services to potential markets and customers; provide products and services with high quality, advanced technology in dedicated and professional manner, as well as comply with business ethics.

In addition to complying with the common policies and objectives of FPT Corporation, FPT IS also set up specific objectives to customers as follows:

• Promptly and fully meet the requirements of customers in the signed contracts• Ensure to provide the most suitable technology solutions to customers.

3. For leaders: The Company strives to build a strong leadership at all levels with inheritance nature, giving opportunities for each staff to show their best ability and achieve quantum success in order to build and develop an outstanding team of leadership at all levels with inheritance nature as well as create favorable conditions and chances for each leader to bring their competencies into full play to make breakthroughs along with the Company.

4. For employees: The Company strives to build a strong team to meet the organization’s development demands, preserve and promote the Company’s core values, ensure the material and spiritual benefits of the employees in order to build and develop a powerful team that meets the development needs of the organization. The Company wishes to preserve and promote the core spiritual values of the Company and ensure both physical and spiritual legitimate interests of employees.

5. For partners: The Company strives to establish relationships with partners on the basis of in-depth understanding, maximizing the strength of cooperation, long-term commitment, mutual success and sustainable development. It is aimed to thoroughly understand the strengths of each party to build a partnership with mutual benefits, bringing about success for both parties; expanding business sector, developing new products and services and establishing sustainable relationships with partners.

6. For community: The Company strives to make contributions to the community as as ground for its sustainable development, so as to contribute and bring about benefits to the community as well as improve the Company’s image and confidence in the community.

FPT IS INFORMATION SECURITY POLICY

1. PURPOSES

To provide management directions and support to information security and safety in accordance with commercial requirements and complying with laws and regulations.

In order to:
o Ensure compliance with legal requirements, regulations and binding requirements in contracts;
o Ensure the creditability of information;
o Maintain the integrity of information;
o Maintain the availability of information for business processes;
o Protect information from unauthorized access;
o Establish, maintain and test the plan to ensure uninterrupted business activities;
o Ensure training of information security to all staff;
o Notify any (actual or suspected) information security breaches to the Information Security Officer and implement serious investigations.

b. Review information security policies:

Information security policies are reviewed by FIS annually or in case of any significant change to ensure continuous compliance, accuracy and effectiveness.

3. EXCEPTIONS
All exceptions shall be approved by FIS Management.

4. CONTROL AND DESCIPLINE
- The Information Security Officer is responsible for controlling compliance to the policies.
- Any breach shall be strictly handled in accordance with the Company’s policies.